Monday, May 31, 2010

Fiddler XSRF Inspector Released

Fiddler XSRF Inspector is a plugin for Fiddler 2 that extracts cross-site request forgery attacks from HTTP requests.

Copy FiddlerXSRF.dll to the Fiddler 2 Inspectors folder, generally %ProgramFiles%\Fiddler2\Inspectors

-Capture the request that is going to be used to create a cross-site request forgery attack.
-Navigate to the XSRF tab under inspectors to see the generated HTML. If the request uses the POST method, the option to convert it to GET will be available.
-Click the Test button and observe the results.


No comments: